269 matches found
EUVD-2021-23568
Malware in sbrugna...
EUVD-2018-0010
Malware in sbrugna...
EUVD-2019-19250
Malware in sbrugna...
EUVD-2022-5724
Malicious code in bioql PyPI...
EUVD-2022-2077
Malicious code in bioql PyPI...
EUVD-2023-0819
Malicious code in bioql PyPI...
EUVD-2023-48049
Malicious code in bioql PyPI...
EUVD-2025-3999
Malicious code in bioql PyPI...
EUVD-2022-6320
Malicious code in bioql PyPI...
EUVD-2024-38992
Malicious code in bioql PyPI...
EUVD-2025-11576
Malicious code in bioql PyPI...
EUVD-2023-38107
Malicious code in bioql PyPI...
CVE-2025-34207
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...
CVE-2025-34207 Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...
Do Not Preset known_hosts for the SSH Service
knownhosts stores the public keys of the computers that the host has accessed. After a user successfully logs in to another computer, the public key information is automatically saved in $HOME/.ssh/knownhosts. When the same computer is accessed next time, its public key is verified. If the...
Moderate: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...
curl: CVE-2025-10966: missing SFTP host verification with wolfSSH
Summary: When curl is built with the wolfSSH backend, the SSH/SFTP implementation in lib/vssh/wolfssh.c performs no server host key verification and exposes no host identity options in the curl tool. I verified this locally by building curl with wolfSSH binary reports wolfssh/1.4.20, observing th...
Linux Distros Unpatched Vulnerability : CVE-2024-39223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to...
Authentication Bypass
Fedify is vulnerable to authentication bypass. The vulnerability is due to processing forged activities before verifying that the signing key belongs to the claimed actor, which allows an attacker to impersonate any ActivityPub actor across all Fedify instances...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a machine-in-the-middle attack in OpenSSH [CVE-2025-26465]
Summary IBM Watson Speech Services Cartridge is vulnerable to a machine-in-the-middle attack in OpenSSH, due to an error in how OpenSSH mishandles error codes in specific conditions when verifying the host key CVE-2025-26465. OpenSSH is used in our speech service runtimes. This vulnerabilitiy has...